Internet Voting

Of course the answer is that Internet voting is not safe, much more vulnerable than the power grid. But why don’t we know that?

How are grid vulnerabilities different from the vulnerabilities of electronic voting and Internet voting in particular? Lets look at a story from the LA Times highlighting vulnerabilities in the power grid

Yesterday, the Government Elections and Administration (GAE) held its last meeting of the year to approve bills originating in the Committee. Today we will recap three of be seven election bills we are tracking.

It is hard to compare and prioritize the importance and impact of bills for good or ill. Today’s three bills provide an instructive contrast. All three are well intended, yet ill conceived. One is extremely threatening to democracy, yet the threat may be way off or ultimately avoided. Another sets a bad precedent for Connecticut and the Nation, flaunts reason, with a message almost the opposite of that intended. The third aimed at fairness is unfair to most of those seeking redress for an imagined unfairness. UPDATED.

Yesterday, I testified against two bills. I do not particularly like testifying against bills that promote concepts that I support, like electronic check-in, yet like all technology, it can be done in a way that helps, without adding risks.

On the other hand, it is a privilege to defend the Secret Vote, one of many, often under-appreciated, keystones of democracy. Also appreciated is the many thoughtful questions presented by the Committee which gave me an opportunity to stand for the Secret Vote.

Security researchers say they have developed an interesting trick to take over Gmail and Outlook.com email accounts – by shooting down victims’ logout requests even over a supposedly encrypted connection.
And their classic man-in-the-middle attack could be used to compromise electronic ballot boxes to rig elections, we’re told.

We have often been perplexed when the public and the Legislature ignore science and simple facts. No more so than when it comes to Internet voting where there is overwhelming recognition of the risks by scientists AND overwhelming evidence that individual, business, and government computers have been repeatedly compromised.

Merrill has remained steadfast in her commitment to protect us from the risks of Internet voting. She is recommending a system to aid the Military in downloading blank ballots and mailing them in quicker. A system that has proven successful in other states. She also reminds the Legislature that Internet voting (including Fax and Email return) would be unconstitutional in Connecticut,

This promises to be an important project. The powerful team all but guarantees a significant, trusted result. Yet, what is critical is that officials and legislators fully understand the result and undertake any Internet voting following any detailed requirements developed by the study. Our own educated prediction is that reasonably safe Internet voting is likely to be judged possible, yet unlikely to be feasible. There are significant security challenges, especially if voting were to be performed from voters’ computers, without requiring sophisticated verification techniques on the part of voters, and expensive security provisions by officials.

Another installment in our observations of Cognitive Dissonance in Connecticut, especially the Legislature. The latest dissonance/hypocrisy involves the breech of personal information by state contractor JP Morgan Chase.
All we are left with is that Internet Voting is no more safe than Internet banking. Actually less so because vote fraud, without double entry bookkeeping is harder to detect and prove.

In psychology, cognitive dissonance is the discomfort experienced when simultaneously holding two or more conflicting cognitions: ideas, beliefs, values or emotional reactions. In a state of dissonance, people may sometimes feel “disequilibrium”: frustration, hunger, dread, guilt, anger, embarrassment, anxiety, etc – Wikipedia

The state fails at protecting data, legislators to get lesson in Internet security, N.I.S.T experts say unsafe the Internet is not safe for voting, the N.S.A. and others can look at practically anything, yet local registrars, the Secretary of the State, and the State Military Department can protect Internet voting by Legislative decree.

Another challenge for Secretary of the State Denise Merrill and the state Military Department in creating a safe online voting system for Connecticut. We would add that one of the key (pun intended) vulnerabilities in online voting is in the user id’s and passwords required for voting.